package fm.demo.smart.collection.speaker;

import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.io.pem.PemReader;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.Base64Utils;
import org.springframework.util.ResourceUtils;

import java.io.*;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.*;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Map;

public class RSAUtils {

    private static Logger logger = LoggerFactory.getLogger(RSAUtils.class);

    static {
        Security.addProvider(new BouncyCastleProvider());
    }

    public static PrivateKey getPriKey() throws URISyntaxException, IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        URI uri = ResourceUtils.getURL("classpath:pri.key").toURI();
        byte[] bytes = Files.readAllBytes(Paths.get(uri));
        PemReader pemReader = new PemReader(new InputStreamReader(new ByteArrayInputStream(bytes)));

        PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(pemReader.readPemObject().getContent());
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        return keyFactory.generatePrivate(spec);
    }

    public static String getSign(String sign, PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeyException, UnsupportedEncodingException, SignatureException {
        logger.info("=====待签名数据开始======");
        logger.info(sign);
        logger.info("=====待签名数据结束======");
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKey);
        signature.update(sign.getBytes(StandardCharsets.UTF_8));
        String m = Base64Utils.encodeToString(signature.sign());
        logger.info("=====签名数据开始======");
        logger.info(m);
        logger.info("=====签名数据结束======");
        return m;
    }

    public static boolean verifySign(String sign, String msg) throws IOException, URISyntaxException, NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, SignatureException {
//        URI uri = ResourceUtils.getURL("classpath:pub.key").toURI();
        URI uri = ResourceUtils.getURL("classpath:chasePubkey.txt").toURI();
        byte[] bytes = Files.readAllBytes(Paths.get(uri));
        PemReader pemReader = new PemReader(new InputStreamReader(new ByteArrayInputStream(bytes)));
        KeySpec spec = new X509EncodedKeySpec(pemReader.readPemObject().getContent());
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PublicKey publicKey = keyFactory.generatePublic(spec);
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initVerify(publicKey);
        signature.update(msg.getBytes(StandardCharsets.UTF_8));
        return signature.verify(Base64Utils.decodeFromString(sign));
    }

}
